I installed CAV this afternoon on a machine, already clean of malware and CAV confirmed via quick scan. Now noticed that Comodo file cmdvirth.exe gets sandboxed, also various instances of svchost.exe get sandboxed with it. Weird.
The file seems legitimate. Anyone else noticed this? What’s the casue and how can I resolve. Cleared the sandbox, rebooted, but happening again ???
[attachment deleted by admin]
this file is run with something is run in the sandbox/kiosk and will be shown as sandboxed. This is normal behavior. if you reset the sandbox these processes will be terminated.
i would like to know, if this file is a safe one, or a virus? i have that same, but i don’t know what to do with it.
cmdvirth.exe is safe, it’s a file by Comodo and I think it’s to help with the sandboxing. It is automatically started in the sandbox whenever something is sandboxed, however it will not automatically terminate when the program sandboxed is closed. cmdvirth.exe should always be present when something is sandboxed. 
This is stupid situation becouse I want to know about sandboxed aplication and want to send them to analysis to check if they are good or bad!
When some Comodo processes is in sandbox, this is waste of my time and nervs, especially if I can’t determine if those files are good or bad!
Comodo says when I try to lookup that file “unknown” or when I try to submit “Failed”!?!?
Why Comodo can’t notify me that this file is “Good or Safe” when I submited or Lookup that file?
Is that so hard to do?
[attachment deleted by admin]
The problem with submission is being looked into by Comodo.
If you want to know if cmdvirth.exe is the real deal simply checks its digital signature. If the signature is ok then the file is the original file and not changed in any way.
I check on Virus Total every suspicious file and I know how to do that but many average users will not know what to do!
For them it will be much easier to submit sandboxed files from CIS via “lookup” or “submit” and be instantly notified is that file good or bad!
For ease of use and less confusion about that issue, I recomend that Comodo files are not shown in there.
Thnx